If this is your first visit, be sure to
check out the FAQ by clicking the
link above. You may have to register
before you can post: click the register link above to proceed. To start viewing messages,
select the forum that you want to visit from the selection below.

Just to add to the debate, I'll give you my organisations view of this matter. Hopefully it'll fuel the discussion surrounding Negative's comments.

In our organisation (as I guess in many others) users must sign a document of "do's and don'ts" that relate to the network. Where possible, we put technical countermeasures to enforce this, but if we can't, well the users sign up to say that they'll follow the rules. Importantly, the declaration says that users have read, understood and intend to follow the rules. If they don't sign, they don't get an account.

So, while a user may be able to download Kazaa onto their workstation (due to a failing in the configuration/administration of the system), the rules still say they mustn't do it, and they have signed a declaration saying that they wont.

This works well for us. Even if the technology allows a person to break the rules, procedures are in place that still allow us to give them a healthy slap

Where I work we have free access to dowload whatever we want, view whatever web pages we want, and basiclly do whatever we want on the net as long as our work gets done. But Im pretty sure that is becasue we are all techs.

And I am so pleased to hear that all techs are security experts in Hawaii....

That's not a personal attack but techs can be the absolute worst where security is concerned. There is an unprecidented level of complacency amongst "techs" that perfectly demonstrates the failure of the "it'll never happen to me" syndrome.

My best technician at work, (believe me, he's damn good at servers, LAN's, workstations, hardware etc. He'll run rings around most peope here), gets his home network infested with dumb crap all the time. I have no clue what he does there but he often comes to me for advice about how to clean or stop this, that or the other. I explain stuff and a few weeks later he comes back with something else..... NOTE: He owns a Watchguard firewall.....

XTC: I wouldn't mind moving to Hawaii..... Pray to your god I never become your admin..... I'll cut off several little "avenues of pleasure".......

Don\'t SYN us.... We\'ll SYN you..... \"A nation that draws too broad a difference between its scholars and its warriors will have its thinking done by cowards, and its fighting done by fools.\" - Thucydides

What a wonderful discussion! I am going to copy this to a document for the president of the company (just the discussion - not the identities, dates and other stuff). I would like the company to be a little more hard-nosed about policies. Unfortunately there is no IT budget, so all we can respond to is what we actually see in front of our faces.

Now if only I can figure out how to get the employees' children to stop using the printer paper, styrofoam cups (why are we providing those for employees?), paper plates, etc. The children are ever so clever at hiding what they use (in trash cans, in storage areas, on monitors)...

And in case anyone reading this is wondering, yes - the office allows children in the office and some of us are very unhappy about it. No, there is no daycare/homework area (which would make having the children here all right) - other than THE CONFERENCE ROOM. Due to these children, I have already had to spend several hours downloading and running Ad-Aware, uninstalling software and doing other things.

Due to these children, I have already had to spend several hours downloading and running Ad-Aware, uninstalling software and doing other things.

Allowing children in the office is one thing, but letting them even touch the computers is crazy. I'd bitchslap any kid that touched a computer and let their parent(s) know that if they value their jobs, they'd get their kids to stop touching the computers.

Originally posted here by cgkanchi Allowing children in the office is one thing, but letting them even touch the computers is crazy. I'd bitchslap any kid that touched a computer and let their parent(s) know that if they value their jobs, they'd get their kids to stop touching the computers.

Cheers,
cgkanchi

Ahh the hell with your way. Someone already mentioned I'm over qualified for this kind of thing. I wouldn't do a thing to the parents. I would however show the kid what the parent keeps in his or her /images directory. The problem would work itself out.

Funny how this got mentioned. In about a year I will in fact be working with TheHorse13. The users have about a year to prepair. After that, heh...

I think another good way to keep users from doing stupid things I don't think they should be doing, is by setting up a web cache, and then making a script to go through that cache, and Email me each users web site views, and then me E-mailing each user's page hits to his or her spouse.

And if they dare go for phone sex on the job, popping on some record heads to the phone system, and then playing the tapes into the answering machine of the user's home for the Husband/Wife to hear...Heh I think that should take care of that, and anything else they want to try.

Of course, those who pay a fee to "Bastard Inc." would be let off with a warning. Maybe I may just take the money and then play the tapes over the answering machine anyway.

I could probably record user calls easy, as I have a book showing me how to make GNU/Linux into a home answering service. I could just get a huge HD and record all phone calls for "Quality assurance" and when a user slips up, it's either pay up, or go down

I'm a good admin. My network has all 5 "9s" of uptime.

EDIT:

I just thought of something:

After they pay me off not to play these taps over the answering machine, I could tell them that if they don't pay me MORE, I'll play the video recording of them paying me last time to the boss saying they tried bribing me

Yep, however, Bastard Inc. is already doing a feverish business at my facility ala TheHorse13's enterprise-wide security initiative. No caching servers needed because Websense does everything you mentioned and then some. *EVIL GRIN*

Our scars have the power to remind us that our past was real. -- Hannibal Lecter.
Talent is God given. Be humble. Fame is man-given. Be grateful. Conceit is self-given. Be careful. -- John Wooden

Originally posted here by Negative I've wondered about this for a while, and I have a (slightly) different opinion.

There are two aspects to the end user's responsibilities:
- the actual use of the network
- the time he spends on that network

The time he spends on that network is something the end user can be held responsible for: if the corporate agreement states that you're supposed to be working while at work, the end user could be held responsible if he spends work time doing something else. If a user is surfing news-sites all day, he could be nailed down: he's supposed to be working, not surfing (let's assume that the user doesn't work for a press agency...). There is no "work" reason for him to be on news sites.
The same rules apply in this case as they do for people who play poker all day with their co-workers.

But if the network settings allow him to surf to news sites, can he be held responsible for that?
If my corporate network allows me to download games and my personal work-computer allows me to install them (due to the incompetence/negligence of the admin), can I be held responsible for downloading and installing those games? In my opinion: no. I can be held responsible for playing those games since I'm supposed to be working, but for downloading and installing them?

The end result is the same: people are doing stuff they're not supposed to be doing. But my reasoning is a little different, I guess...

It of course all changes when users are deliberately trying to circumvent security measures...

thats a little weak.....

there are telephones. fax machines e.t.c... in the work place.

if a user decides to spend 95% of their time talking on the phone with their friends instead of working.... you and management would do something about it pretty fast. the user can't turn around and say, "but there is a phone in my office. what i am supposed to do. i can't be held responsible".

be it a telephone or a computer connected to the internet. you are not managing the technology. you are managing the people and how they spend their time at work while being paid.